mengshibin
/
xiaoan


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106
							package com.xiaoan.web.backend;

import com.xiaoan.common.constant.MsgCode;
import com.xiaoan.common.util.PasswordUtils;
import com.xiaoan.common.util.ResultJson;
import com.xiaoan.domain.backend.UserEntity;
import com.xiaoan.domain.dto.request.UserRequest;
import com.xiaoan.service.backend.ResourceService;
import com.xiaoan.service.backend.RoleService;
import com.xiaoan.service.backend.UserService;
import com.xiaoan.service.backend.dto.ResourceTree;
import com.xiaoan.web.shiro.JWTUtil;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import lombok.extern.log4j.Log4j2;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;
import java.util.*;
import java.util.concurrent.TimeUnit;

/**
 * Created by owen on 2020/2/19 0019 15:53
 */
@Api(tags = "IndexController", description = "后台登录管理")
@RestController
@RequestMapping("api/manage/user")
@Transactional
@Log4j2
public class IndexController {

    @Autowired
    private UserService userService;

    @Autowired
    private RoleService roleService;

    @Autowired
    private ResourceService resourceService;

    @Autowired
    private RedisTemplate<String, String> redisTemplate;


    @ApiOperation("查询用户信息")
    @PostMapping(value = "/login")
    public ResultJson login(@RequestBody UserRequest param) throws Exception {
        log.warn("run login , userName:{}, password:{}", param.getUserName(), param.getPassword());
        // 1.获取用户
        UserEntity userEntity = userService.findByUserName(param.getUserName());
        if (userEntity == null){
            return new ResultJson(MsgCode.FAILURE_CODE_4001, MsgCode.FAILURE_MSG_4001);
        }

        // 验证密码
        String decryptName = PasswordUtils.decrypt(userEntity.getPassword(), param.getPassword(), PasswordUtils.getStaticSalt());
        if (!param.getUserName().equals(decryptName)) {
            return new ResultJson(MsgCode.FAILURE_CODE_4002, MsgCode.FAILURE_MSG_4002);
        }

        // 检查账号是否启用
        if (userEntity.getStatus() != 0) {
            return new ResultJson(MsgCode.FAILURE_CODE_4003, MsgCode.FAILURE_MSG_4003);
        }

        // 获取用户菜单
        List<ResourceTree> resourcesByUserMenu = resourceService.getResourcesTreeByUserMenu(userEntity);

        List<ResourceTree> resourcesTreeByUserPermission = resourceService.getResourcesTreeByUserPermission(userEntity);

        // 创建新token
        String token = JWTUtil.sign(param.getUserName(), userEntity.getPassword());
        log.warn("new token: {}", token);

        HashMap<String, Object> result = new HashMap<>();
        result.put("userEntity", userEntity);
//        result.put("resources", resourcesByUserMenu);
        result.put("token", token);
        result.put("resourcesTreeByUserPermission", resourcesTreeByUserPermission);


        // 更新到 redis, 有效期24h, 旧token无效
        redisTemplate.opsForValue().set(userEntity.getUserName(), token, Long.parseLong("24"), TimeUnit.HOURS);
        return new ResultJson(MsgCode.SUCCESS_CODE, result);
    }

    @GetMapping("/logout")
    public ResultJson logout(HttpServletRequest request) {
        log.info("run logout");

        String token = request.getHeader("Authorization");
        String username = JWTUtil.getUsername(token);

        String redisToken = (String) redisTemplate.opsForValue().get(username);
        // token username 一致，代表没有被踢出
        if (username.equals(redisToken)) {
            redisTemplate.delete(username);
        }

        log.info("end logout");
        return new ResultJson(MsgCode.SUCCESS_CODE, MsgCode.SUCCESS_MSG);
    }
}